You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/batch/batch-account-create-portal.md
+9-15Lines changed: 9 additions & 15 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -160,34 +160,28 @@ To create a Batch account with authentication mode settings:
160
160
To grant access to the key vault manually in [Azure portal](https://portal.azure.com), you need to assign **Key Vault Secrets Officer** role for Batch:
161
161
162
162
1. Select **Access control (IAM)** from the left navigation of the key vault page.
163
-
1. At the top of the **Access control (IAM)** page, select **Add** > **Add role assignment**.
164
-
1. On the **Add role assignment** screen, under **Role** tab, under **Job function roles** sub tab, search and select **Key Vault Secrets Officer** role for the Batch account, and then select **Next**.
165
-
1. On the **Members** tab, select **Select members**. On the **Select members** screen, search for and select **Microsoft Azure Batch**, and then select **Select**.
166
-
1. Click the **Review + create** button on the bottom to go to **Review + assign** tab, and click the **Review + create** button on the bottom again.
163
+
2. At the top of the **Access control (IAM)** page, select **Add** > **Add role assignment**.
164
+
3. On the **Add role assignment** screen, under **Role** tab, under **Job function roles** sub tab, search and select **Key Vault Secrets Officer** role for the Batch account, and then select **Next**.
165
+
4. On the **Members** tab, select **Select members**. On the **Select members** screen, search for and select **Microsoft Azure Batch**, and then select **Select**.
166
+
5. Select the **Review + create** button on the bottom to go to **Review + assign** tab, and select the **Review + create** button on the bottom again.
167
+
168
+
> [!NOTE]
169
+
> If the RBAC role is not assigned for Batch in the key vault, you will get **KeyVaultNotFound** error when creating Batch account with that key vault.
167
170
168
171
For detailed steps, see [Assign Azure roles by using the Azure portal](../role-based-access-control/role-assignments-portal.yml).
169
172
170
173
If the Key Vault permission model is **Vault access policy**, you need to also configure the **Access policies**:
174
+
171
175
1. Select **Access policies** from the left navigation of the key vault page.
172
176
1. On the **Access policies** page, select **Create**.
173
-
1. On the **Create an access policy** screen, select a minimum of **Get**, **List**, **Set**, **Delete** and **Recover** permissions under **Secret permissions**.
177
+
1. On the **Create an access policy** screen, select a minimum of **Get**, **List**, **Set**, **Delete**, and **Recover** permissions under **Secret permissions**.
174
178
175
179
:::image type="content" source="media/batch-account-create-portal/secret-permissions.png" alt-text="Screenshot of the Secret permissions selections for Azure Batch":::
176
180
177
181
1. Select **Next**.
178
182
1. On the **Principal** tab, search for and select **Microsoft Azure Batch**.
179
183
1. Select the **Review + create** tab, and then select **Create**.
180
184
181
-
<!--can't find this link or screen
182
-
183
-
Select **Add**, then ensure that the **Azure Virtual Machines for deployment** and **Azure Resource Manager for template deployment** check boxes are selected for the linked **Key Vault** resource. Select **Save** to commit your changes.
184
-
185
-
:::image type="content" source="media/batch-account-create-portal/key-vault-access-policy.png" alt-text="Screenshot of the Access policy screen.":::
186
-
187
-
-->
188
-
> [!NOTE]
189
-
> Currently, the Batch account name supports only access policies. When creating a Batch account, ensure that the key vault uses the associated access policy instead of the EntraID RBAC permissions. For more information on how to add an access policy to your Azure key vault instance, see [Configure your Azure Key Vault instance](batch-customer-managed-key.md).
190
-
191
185
### Configure subscription quotas
192
186
193
187
For user subscription Batch accounts, [core quotas](batch-quota-limit.md) must be set manually. Standard Batch core quotas don't apply to accounts in user subscription mode. The [quotas in your subscription](/azure/azure-resource-manager/management/azure-subscription-service-limits) for regional compute cores, per-series compute cores, and other resources are used and enforced.
0 commit comments